We’ve known for a long time that fraudsters use social networks to advertise their services and to share information and ideas with each other. The former Internet Relay Chat (IRC), for example, which was the old chat server used by thousands of people since 1988, is still a platform that fraudsters use for information sharing to this day. They also use Interrupt Requests (ICQ), which emerged 10 years after the IRC.
With the advancements in technology, and new social networks that are emerging, criminals have continued to follow the trends, but on a much larger scale. Groups and channels have been created, where thousands of like-minded people can come together. The global reach is now much greater, as well as the speed at which information is shared. Another bonus is that it is quite easy to use.
Facebook, Instagram and Snapchat are already widely used, followed by Discordapp (a voice, video and text platform, widely used by gamers around the world). There is also TikTok, a social media service that became available worldwide on 2 August 2018, but has seen a surge in popularity during the global pandemic in 2020, with millions of users filming videos of themselves lip-syncing or acting out comedy sketches to alleviate the boredom of lockdown.
When brand new social networks appear, we never stop to think about what we’re going to be exposed to, until something bad finally happens. Blue Whale, the so-called “suicide game”, is just one example of how these networks can be used. Digital crimes are present on all of the networks, just waiting for the wrong search-words to be entered or curiosity to get the better of someone and before we know it, the content can become something so real and so devastating. The Alpha generation – born between 2010 and 2024 – are being born into the era of Instagram, the 3D printer, Smart Speakers and so many other new technologies. From the day they are born, they are exposed to a range of information through various mediums, and are naturally early-adopters of computers, tablets and smartphones. With so many kids shopping online using their parents’ credit cards, it is really not that hard for them to find fraudulent groups on social media.
Platforms like Discordapp allow users to create servers, which can be organised into channels for different subjects, as well as the creation of bots for the automation of some tasks.
These servers are advertised on other social networks, reaching hundreds of thousands of users. Schemes, personal data, credentials, financial data are all shared via Discordapp, and the fraudsters then use them for illegal activities, online shopping and scams.
With TikTok the approach that fraudsters use is a little different. As it is a social network, it works in a completely different way. TikTok is used to share information with users of the network, through videos, products, resources and profits. Often there is also the disclosure of channels and online stores, as well as user details, so anyone interested in the products or services can get in touch. A simple search on the app and the results readily appear, without any restrictions.
What’s both interesting and worrying is that, because it is so easy to find fraudulent channels and profiles, it is no longer necessary to have an entire infrastructure, with special software and settings. This means that young people and children can easily gain access to this fraudulent content. It is no longer necessary to access the Dark Web to buy stolen or cloned credit cards. It’s much simpler than we think. It’s all right there, just a few clicks away.
According to an Arkose Labs press release from September 2019:
“The Arkose Labs Q3 Fraud and Abuse Report analysed over 1.2 billion transactions spanning account registrations, logins and payments from financial services, e-commerce, travel, social media, gaming and entertainment industries, in real time, to provide insights on the evolving threat landscape. The report found that one in 10 transactions are attacks, ranging from automated bots to malicious humans.”
These attacks are mostly carried out for financial gain. Arkose estimates that “by 2021, cybercrime will cost the global economy more than $6 trillion in damages.” They found that the most common type of transaction was automated attacks.
The report states: “These range from large-scale account validation attacks to bots blocking seats on an airline to scripted attacks scraping user data and inventory.”
Interestingly, they discovered that 75% of Social Media attacks were carried out by automated bots. The analysis also found that more than half of the accounts on social media sites are fake. In fact, 25 percent of all new account applications on social media are actually fake.